inject fake update for another software

infobyte / evilgrade

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.

https://www.faradaysec.com/

1.28k stars 279 forks source link

inject fake update for another software #13

Closed Ali-Reza8 closed 7 years ago

Ali-Reza8 commented 8 years ago

Hi Is that possible to inject fake update for the software that I want? I would really appreciate if you could provide steps to this purpose.

thanks

f-amato commented 8 years ago

Hi there, You have to figurate if is it possible and the software is vulnerable, after that you can copy the structure of any plugin and create your own so evilgrade can support it.

mattaereal commented 8 years ago

Sniffing the traffic of the desired software in the exact moment when an update is being executed would be the first step. Then you'll need to check whether the update goes in plain text or https for starters... If it goes in plain text and is not signed properly then you probably have found a vulnerable updater.